Ghost/ghost/admin/mirage/config/tiers.js

import {paginatedResponse, withPermissionsCheck} from '../utils';

const ALLOWED_WRITE_ROLES = [
    'Owner',
    'Administrator'
];
const ALLOWED_READ_ROLES = [
    'Owner',
    'Administrator',
    'Editor',
    'Author'
];

export default function mockTiers(server) {
    // CREATE
    server.post('/tiers/', withPermissionsCheck(ALLOWED_WRITE_ROLES, function ({tiers}) {
        const attrs = this.normalizedRequestAttrs();
        return tiers.create(attrs);
    }));

    // READ
    server.get('/tiers/', withPermissionsCheck(ALLOWED_READ_ROLES, paginatedResponse('tiers')));

    server.get('/tiers/:id/', withPermissionsCheck(ALLOWED_READ_ROLES, function ({tiers}, {params}) {
        let {id} = params;
        let tier = tiers.find(id);

        return tier || new Response(404, {}, {
            errors: [{
                type: 'NotFoundError',
                message: 'Tier not found.'
            }]
        });
    }));

    // UPDATE
    server.put('/tiers/:id/', withPermissionsCheck(ALLOWED_WRITE_ROLES, function ({tiers}, {params}) {
        const attrs = this.normalizedRequestAttrs();
        const tier = tiers.find(params.id);

        tier.update(attrs);

        return tier.save();
    }));

    // DELETE
    server.del('/tiers/:id/', withPermissionsCheck(ALLOWED_WRITE_ROLES, function (schema, request) {
        const id = request.params.id;
        schema.tiers.find(id).destroy();
    }));
}
🐛 Fixed error preventing admin area being usable by staff users with Contributor role closes https://github.com/TryGhost/Team/issues/2190 - added a guard around the tier fetches in `membersUtils` service so the fetch doesn't occur unless we have a logged in user and they aren't a contributor - extracted the `withPermissionsCheck` mirage util function and added role checks around the mocked tiers endpoints - added an acceptance test that loads the content screen and creates a draft post as a contributor to help catch regressions 2022-10-31 15:01:39 +03:00			`import {paginatedResponse, withPermissionsCheck} from '../utils';`

			`const ALLOWED_WRITE_ROLES = [`
			`'Owner',`
			`'Administrator'`
			`];`
			`const ALLOWED_READ_ROLES = [`
			`'Owner',`
			`'Administrator',`
			`'Editor',`
			`'Author'`
			`];`
Renamed products to tiers (#2372) refs: https://github.com/TryGhost/Team/issues/1145 - this should allow us to remove the /products endpoint in v5 It avoids: - `kg-product-card`, that really is meant to say product - `product-cadence` on offers Co-authored-by: Rishabh <zrishabhgarg@gmail.com> 2022-05-11 20:11:54 +03:00
			`export default function mockTiers(server) {`
🐛 Fixed error preventing admin area being usable by staff users with Contributor role closes https://github.com/TryGhost/Team/issues/2190 - added a guard around the tier fetches in `membersUtils` service so the fetch doesn't occur unless we have a logged in user and they aren't a contributor - extracted the `withPermissionsCheck` mirage util function and added role checks around the mocked tiers endpoints - added an acceptance test that loads the content screen and creates a draft post as a contributor to help catch regressions 2022-10-31 15:01:39 +03:00			`// CREATE`
			`server.post('/tiers/', withPermissionsCheck(ALLOWED_WRITE_ROLES, function ({tiers}) {`
			`const attrs = this.normalizedRequestAttrs();`
			`return tiers.create(attrs);`
			`}));`
Renamed products to tiers (#2372) refs: https://github.com/TryGhost/Team/issues/1145 - this should allow us to remove the /products endpoint in v5 It avoids: - `kg-product-card`, that really is meant to say product - `product-cadence` on offers Co-authored-by: Rishabh <zrishabhgarg@gmail.com> 2022-05-11 20:11:54 +03:00
🐛 Fixed error preventing admin area being usable by staff users with Contributor role closes https://github.com/TryGhost/Team/issues/2190 - added a guard around the tier fetches in `membersUtils` service so the fetch doesn't occur unless we have a logged in user and they aren't a contributor - extracted the `withPermissionsCheck` mirage util function and added role checks around the mocked tiers endpoints - added an acceptance test that loads the content screen and creates a draft post as a contributor to help catch regressions 2022-10-31 15:01:39 +03:00			`// READ`
			`server.get('/tiers/', withPermissionsCheck(ALLOWED_READ_ROLES, paginatedResponse('tiers')));`
Renamed products to tiers (#2372) refs: https://github.com/TryGhost/Team/issues/1145 - this should allow us to remove the /products endpoint in v5 It avoids: - `kg-product-card`, that really is meant to say product - `product-cadence` on offers Co-authored-by: Rishabh <zrishabhgarg@gmail.com> 2022-05-11 20:11:54 +03:00
🐛 Fixed error preventing admin area being usable by staff users with Contributor role closes https://github.com/TryGhost/Team/issues/2190 - added a guard around the tier fetches in `membersUtils` service so the fetch doesn't occur unless we have a logged in user and they aren't a contributor - extracted the `withPermissionsCheck` mirage util function and added role checks around the mocked tiers endpoints - added an acceptance test that loads the content screen and creates a draft post as a contributor to help catch regressions 2022-10-31 15:01:39 +03:00			`server.get('/tiers/:id/', withPermissionsCheck(ALLOWED_READ_ROLES, function ({tiers}, {params}) {`
Renamed products to tiers (#2372) refs: https://github.com/TryGhost/Team/issues/1145 - this should allow us to remove the /products endpoint in v5 It avoids: - `kg-product-card`, that really is meant to say product - `product-cadence` on offers Co-authored-by: Rishabh <zrishabhgarg@gmail.com> 2022-05-11 20:11:54 +03:00			`let {id} = params;`
			`let tier = tiers.find(id);`

			`return tier \|\| new Response(404, {}, {`
			`errors: [{`
			`type: 'NotFoundError',`
			`message: 'Tier not found.'`
			`}]`
			`});`
🐛 Fixed error preventing admin area being usable by staff users with Contributor role closes https://github.com/TryGhost/Team/issues/2190 - added a guard around the tier fetches in `membersUtils` service so the fetch doesn't occur unless we have a logged in user and they aren't a contributor - extracted the `withPermissionsCheck` mirage util function and added role checks around the mocked tiers endpoints - added an acceptance test that loads the content screen and creates a draft post as a contributor to help catch regressions 2022-10-31 15:01:39 +03:00			`}));`
Renamed products to tiers (#2372) refs: https://github.com/TryGhost/Team/issues/1145 - this should allow us to remove the /products endpoint in v5 It avoids: - `kg-product-card`, that really is meant to say product - `product-cadence` on offers Co-authored-by: Rishabh <zrishabhgarg@gmail.com> 2022-05-11 20:11:54 +03:00
🐛 Fixed error preventing admin area being usable by staff users with Contributor role closes https://github.com/TryGhost/Team/issues/2190 - added a guard around the tier fetches in `membersUtils` service so the fetch doesn't occur unless we have a logged in user and they aren't a contributor - extracted the `withPermissionsCheck` mirage util function and added role checks around the mocked tiers endpoints - added an acceptance test that loads the content screen and creates a draft post as a contributor to help catch regressions 2022-10-31 15:01:39 +03:00			`// UPDATE`
			`server.put('/tiers/:id/', withPermissionsCheck(ALLOWED_WRITE_ROLES, function ({tiers}, {params}) {`
Renamed products to tiers (#2372) refs: https://github.com/TryGhost/Team/issues/1145 - this should allow us to remove the /products endpoint in v5 It avoids: - `kg-product-card`, that really is meant to say product - `product-cadence` on offers Co-authored-by: Rishabh <zrishabhgarg@gmail.com> 2022-05-11 20:11:54 +03:00			`const attrs = this.normalizedRequestAttrs();`
			`const tier = tiers.find(params.id);`

			`tier.update(attrs);`

			`return tier.save();`
🐛 Fixed error preventing admin area being usable by staff users with Contributor role closes https://github.com/TryGhost/Team/issues/2190 - added a guard around the tier fetches in `membersUtils` service so the fetch doesn't occur unless we have a logged in user and they aren't a contributor - extracted the `withPermissionsCheck` mirage util function and added role checks around the mocked tiers endpoints - added an acceptance test that loads the content screen and creates a draft post as a contributor to help catch regressions 2022-10-31 15:01:39 +03:00			`}));`
Renamed products to tiers (#2372) refs: https://github.com/TryGhost/Team/issues/1145 - this should allow us to remove the /products endpoint in v5 It avoids: - `kg-product-card`, that really is meant to say product - `product-cadence` on offers Co-authored-by: Rishabh <zrishabhgarg@gmail.com> 2022-05-11 20:11:54 +03:00
🐛 Fixed error preventing admin area being usable by staff users with Contributor role closes https://github.com/TryGhost/Team/issues/2190 - added a guard around the tier fetches in `membersUtils` service so the fetch doesn't occur unless we have a logged in user and they aren't a contributor - extracted the `withPermissionsCheck` mirage util function and added role checks around the mocked tiers endpoints - added an acceptance test that loads the content screen and creates a draft post as a contributor to help catch regressions 2022-10-31 15:01:39 +03:00			`// DELETE`
			`server.del('/tiers/:id/', withPermissionsCheck(ALLOWED_WRITE_ROLES, function (schema, request) {`
			`const id = request.params.id;`
			`schema.tiers.find(id).destroy();`
			`}));`
Renamed products to tiers (#2372) refs: https://github.com/TryGhost/Team/issues/1145 - this should allow us to remove the /products endpoint in v5 It avoids: - `kg-product-card`, that really is meant to say product - `product-cadence` on offers Co-authored-by: Rishabh <zrishabhgarg@gmail.com> 2022-05-11 20:11:54 +03:00			`}`